Linux網絡屬性配置—iproute命令家族

ip命令：

show / manipulate routing, devices, policy routing and tunnels

ip [ OPTIONS ] OBJECT { COMMAND | help }

OBJECT := { link | addr | route | netns }

ip OBJECT：

ip link： network device configuration

ip link show – display device attributes

]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ae:e4:d8 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff

ip link set – change device attributes

dev NAME (default)：指明要管理的設備，dev關鍵字可省略；

up和down：

multicast on或multicast off：啟用或禁用多播功能；

name NAME：重命名接口

mtu NUMBER：設置MTU的大小，默認為1500；

netns PID：ns為namespace，用于將接口移動到指定的網絡名稱空間；

]# ip link set eth1 down
]# ip link show eth1
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff
]# ip link set eth1 multicast off 
]# ip link show eth1
3: eth1: <BROADCAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff

]# ip link set eth1 name exxx
]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ae:e4:d8 brd ff:ff:ff:ff:ff:ff
3: exxx: <BROADCAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff

]# ip link set eth1 mtu 2000
]# ip link show eth1
3: eth1: <BROADCAST> mtu 2000 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff

ip link help – 顯示簡要使用幫助；

ip netns： – manage network namespaces.

ip netns list：列出所有的netns

ip netns add NAME：創建指定的netns

ip netns del NAME：刪除指定的netns

ip netns exec NAME COMMAND：在指定的netns中運行命令

]# ip netns list
]# ip netns add netspace
]# ip netns list
netspace

ip address – protocol address management.

ip address add – add new protocol address

ip address { add | del } IFADDR dev STRING

ip address { show | flush } [ dev STRING ] [label PATTERN ]

ip addr add IFADDR dev IFACE

[label NAME]：為額外添加的地址指明接口別名；

[broadcast ADDRESS]：廣播地址；會根據IP和NETMASK自動計算得到；

[scope SCOPE_VALUE]：

global：全局可用；

link：接口可用；

host：僅本機可用；

]# ip addr add 192.168.1.10/24 dev eno16777736
]# ip addr show eno16777736
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:60:1e:7a brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.20/24 brd 10.0.1.255 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet 192.168.1.10/24 scope global eno16777736
       valid_lft forever preferred_lft forever

]# ip addr add 192.168.2.10/24 dev eno16777736 label eno16777736:0
]# ip addr show eno16777736
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:60:1e:7a brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.20/24 brd 10.0.1.255 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet 192.168.1.10/24 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet 192.168.2.10/24 scope global eno16777736:0
       valid_lft forever preferred_lft forever

ip address delete – delete protocol address

ip addr delete IFADDR dev IFACE

]# ip addr del 192.168.2.10/24 dev eno16777736 
]# ip addr del 192.168.1.10/24 dev eno16777736
]# ip ad sh eno16777736
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:60:1e:7a brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.20/24 brd 10.0.1.255 scope global eno16777736
       valid_lft forever preferred_lft forever

ip address show – look at protocol addresses

ip addr list [IFACE]：顯示接口的地址；

]# ip addr show eno16777736
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:60:1e:7a brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.20/24 brd 10.0.1.255 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe60:1e7a/64 scope link 
       valid_lft forever preferred_lft forever

ip address flush – flush protocol addresses

ip addr flush dev IFACE

]# ip addr add 10.10.10.10/8 dev eth1 label eth1:0
]# ip addr add 172.16.1.100/16 dev eth1 label eth1:1
]# ip addr show eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.100/24 brd 192.168.1.255 scope global eth1
    inet 10.10.10.10/8 scope global eth1:0
    inet 172.16.1.100/16 scope global eth1:1

]# ip addr flush dev eth1
]# ip addr show eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ae:e4:e2 brd ff:ff:ff:ff:ff:ff

ip route – routing table management

ip route add – add new route

ip route change – change route

ip route replace – change or add new one

ip route add TYPE PREFIX via GW [dev IFACE] [src SOURCE_IP]

]# ip route add 172.16.0.0/16 via 10.0.1.2 dev eth0 src 10.0.1.6
]# ip route show
10.0.1.0/24 dev eth0  proto kernel  scope link  src 10.0.1.6 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.10 
172.16.0.0/16 via 10.0.1.2 dev eth0  src 10.0.1.6 
default via 10.0.1.2 dev eth0

]# ip route add default via 10.0.1.2 dev eth0
]# ip route show
10.0.1.0/24 dev eth0  proto kernel  scope link  src 10.0.1.6 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.10 
172.16.0.0/16 via 10.0.1.2 dev eth0  src 10.0.1.6 
default via 10.0.1.2 dev eth0

ip route delete – delete route

ip route del TYPE PRIFIX

]# ip route del 172.16.0.0/16
]# ip route del default
]# ip route show
10.0.1.0/24 dev eth0  proto kernel  scope link  src 10.0.1.6 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.10

ip route show – list routes

TYPE PRIFIX

ip route get – get a single route

ip route get TYPE PRIFIX

]# ip route get 192.168.1.0/24
broadcast 192.168.1.0 dev eth1  src 192.168.1.10 
    cache <local,brd>  mtu 1500 advmss 1460 hoplimit 64

ss命令：

ss [options] [ FILTER ]

選項：

-t：TCP協議的相關連接

-u：UDP相關的連接

-w：raw socket相關的連接

-l：監聽狀態的連接

-a：所有狀態的連接

-n：數字格式

-p：相關的程序及其PID

-e：擴展格式信息

-m：內存用量

-o：計時器信息

FILTER := [ state TCP-STATE ] [ EXPRESSION ]

TCP的常見狀態：

TCP FSM：

LISTEN：監聽

ESTABLISEHD：建立的連接

FIN_WAIT_1：

FIN_WAIT_2：

SYN_SENT：

SYN_RECV：

CLOSED：

EXPRESSION：

dport =

sport =

示例：'( dport = :22 or sport = :22)’

~]# ss -tan ‘( dport = :22 or sport = :22 )’

~]# ss -tan state ESTABLISHED

來自為知筆記(Wiz)

原創文章，作者：N24_ViCi，如若轉載，請注明出處：http://www.www58058.com/62526

Linux網絡屬性配置—iproute命令家族

相關推薦

Linux發行版的基礎目錄名稱命名法則及功用規定

馬哥教育網絡班22期第2周課程作業

硬鏈接與軟鏈接的聯系與區別

Tomcat

debian8下安裝配置部署zabbix3.0

Linux系統文件查找locate和find命令工具使用

評論列表（1條）